Modern Events Calendar Lite <= 5.1.6 – Multiple Subscriber+ Stored XSS Vulnerabilities

https://wpvulndb.com/vulnerabilities/10100

10Web Map Builder for Google Maps <= 1.0.63 – Unauthenticated Stored XSS via Plugin Settings Change

https://wpvulndb.com/vulnerabilities/10099

Async Javascript < 2.20.02.27 – Subscriber+ Stored XSS via Plugin Settings Change

https://wpvulndb.com/vulnerabilities/10098

wpdefault – Backdoor Plugin

https://wpvulndb.com/vulnerabilities/10096

Hero Maps Premium < 2.2.3 – Unauthenticated Reflected Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/10095

Export Users to CSV <= 1.4.2 – CSV Injection

https://wpvulndb.com/vulnerabilities/10094

Flexible Checkout Fields for WooCommerce < 2.3.2 – Unauthenticated Settings Update

https://wpvulndb.com/vulnerabilities/10093

Pricing Table by Supsystic < 1.8.1 – Cross-Site Request Forgery to XSS and Setting Changes

https://wpvulndb.com/vulnerabilities/10092

Pricing Table by Supsystic < 1.8.2 – Unauthenticated Stored XSS

https://wpvulndb.com/vulnerabilities/10091

Pricing Table by Supsystic < 1.8.2 – Insecure Permissions on AJAX Actions

https://wpvulndb.com/vulnerabilities/10090